[jboss-cvs] Picketbox SVN: r171 - in trunk/security-jboss-sx/jbosssx/src/main: java/org/jboss/security/config/parser and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Feb 3 15:25:03 EST 2011
Author: mmoyses
Date: 2011-02-03 15:25:03 -0500 (Thu, 03 Feb 2011)
New Revision: 171
Added:
trunk/security-jboss-sx/jbosssx/src/main/resources/schema/security-config_7_0.xsd
Modified:
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicy.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Element.java
trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ApplicationPolicyParser.java
Log:
new xsd. replacing application-policy element for the more intuitive security-domain element
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicy.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicy.java 2011-02-03 19:19:36 UTC (rev 170)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/ApplicationPolicy.java 2011-02-03 20:25:03 UTC (rev 171)
@@ -376,7 +376,7 @@
*/
public void writeContent(XMLStreamWriter writer) throws XMLStreamException
{
- writer.writeStartElement(Element.APPLICATION_POLICY.getLocalName());
+ writer.writeStartElement(Element.SECURITY_DOMAIN.getLocalName());
writer.writeAttribute(Attribute.NAME.getLocalName(), name);
if (baseApplicationPolicyName != null)
{
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Element.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Element.java 2011-02-03 19:19:36 UTC (rev 170)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/Element.java 2011-02-03 20:25:03 UTC (rev 171)
@@ -37,6 +37,8 @@
POLICY("policy"),
APPLICATION_POLICY("application-policy"),
+
+ SECURITY_DOMAIN("security-domain"),
AUTHENTICATION("authentication"),
Modified: trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ApplicationPolicyParser.java
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ApplicationPolicyParser.java 2011-02-03 19:19:36 UTC (rev 170)
+++ trunk/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/config/parser/ApplicationPolicyParser.java 2011-02-03 20:25:03 UTC (rev 171)
@@ -204,7 +204,7 @@
while (reader.hasNext() && reader.nextTag() != END_ELEMENT)
{
final Element element = Element.forName(reader.getLocalName());
- if (element.equals(Element.APPLICATION_POLICY))
+ if (element.equals(Element.APPLICATION_POLICY) || element.equals(Element.SECURITY_DOMAIN))
{
final int count = reader.getAttributeCount();
if (count == 0)
Added: trunk/security-jboss-sx/jbosssx/src/main/resources/schema/security-config_7_0.xsd
===================================================================
--- trunk/security-jboss-sx/jbosssx/src/main/resources/schema/security-config_7_0.xsd (rev 0)
+++ trunk/security-jboss-sx/jbosssx/src/main/resources/schema/security-config_7_0.xsd 2011-02-03 20:25:03 UTC (rev 171)
@@ -0,0 +1,321 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ JBoss, Home of Professional Open Source.
+ ~ Copyright 2011, Red Hat, Inc., and individual contributors
+ ~ as indicated by the @author tags. See the copyright.txt file in the
+ ~ distribution for a full listing of individual contributors.
+ ~
+ ~ This is free software; you can redistribute it and/or modify it
+ ~ under the terms of the GNU Lesser General Public License as
+ ~ published by the Free Software Foundation; either version 2.1 of
+ ~ the License, or (at your option) any later version.
+ ~
+ ~ This software is distributed in the hope that it will be useful,
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ ~ Lesser General Public License for more details.
+ ~
+ ~ You should have received a copy of the GNU Lesser General Public
+ ~ License along with this software; if not, write to the Free
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ -->
+
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ targetNamespace="urn:jboss:security-config:7.0"
+ xmlns="urn:jboss:security-config:7.0"
+ elementFormDefault="qualified"
+ attributeFormDefault="unqualified"
+ version="7.0">
+
+ <xs:element name="security-domain" type="securityDomainType"/>
+
+ <xs:complexType name="securityDomainType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Configures a security domain.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:choice>
+ <xs:element name="authentication" type="authenticationType"/>
+ <xs:element name="authentication-jaspi" type="authenticationJaspiType"/>
+ </xs:choice>
+ <xs:element name="authorization" type="authorizationType" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element name="acl" type="aclType" minOccurs="0"/>
+ <xs:element name="mapping" type="mappingType" minOccurs="0"/>
+ <xs:element name="audit" type="auditType" minOccurs="0"/>
+ <xs:element name="identity-trust" type="identityTrustType" minOccurs="0"/>
+ </xs:sequence>
+ <xs:attribute name="name" type="xs:string" use="required"/>
+ <xs:attribute name="extends" type="xs:string" use="optional"/>
+ </xs:complexType>
+
+ <xs:complexType name="authenticationType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Authentication configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="login-module" type="loginModuleType" minOccurs="1" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="authenticationJaspiType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ JASPI authentication configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="login-module-stack" type="loginModuleStackType" maxOccurs="unbounded"/>
+ <xs:element name="auth-module" type="authModuleType" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="authorizationType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Authorization configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="policy-module" type="policyModuleType" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="aclType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ ACL configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="acl-module" type="aclModuleType" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="mappingType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Mapping configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="mapping-module" type="mappingModuleType" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="auditType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Audit configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="provider-module" type="providerModuleType" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:complexType name="identityTrustType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Identity trust configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="trust-module" type="trustModuleType" maxOccurs="unbounded"/>
+ </xs:sequence>
+ </xs:complexType>
+
+ <xs:simpleType name="module-option-flag">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ The flag attribute controls how a login module
+ participates in the overall authentication proceedure.
+ Required - The LoginModule is required to succeed. If it
+ succeeds or fails, authentication still continues to proceed
+ down the LoginModule list.
+
+ Requisite - The LoginModule is required to succeed. If it succeeds,
+ authentication continues down the LoginModule list. If it fails,
+ control immediately returns to the application (authentication does not proceed
+ down the LoginModule list).
+
+ Sufficient - The LoginModule is not required to succeed. If it does
+ succeed, control immediately returns to the application (authentication
+ does not proceed down the LoginModule list). If it fails,
+ authentication continues down the LoginModule list.
+
+ Optional - The LoginModule is not required to succeed. If it succeeds or
+ fails, authentication still continues to proceed down the
+ LoginModule list.
+
+ The overall authentication succeeds only if
+ all required and requisite LoginModules succeed. If a
+ sufficient LoginModule is configured and succeeds, then only
+ the required and requisite LoginModules prior to that
+ sufficient LoginModule need to have succeeded for the overall
+ authentication to succeed. If no required or requisite
+ LoginModules are configured for an application, then at least
+ one sufficient or optional LoginModule must succeed.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:restriction base="xs:string">
+ <xs:enumeration value="required"/>
+ <xs:enumeration value="requisite"/>
+ <xs:enumeration value="sufficient"/>
+ <xs:enumeration value="optional"/>
+ </xs:restriction>
+ </xs:simpleType>
+
+ <xs:complexType name="loginModuleType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Login module configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="module-option" type="moduleOptionType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="code" type="xs:string" use="required"/>
+ <xs:attribute name="flag" type="module-option-flag" use="required"/>
+ </xs:complexType>
+
+ <xs:complexType name="moduleOptionType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ A login module option.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:attribute name="name" type="xs:string" use="required"/>
+ <xs:attribute name="value" type="xs:string" use="required"/>
+ </xs:complexType>
+
+ <xs:complexType name="loginModuleStackType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Login module configuration for JASPI.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="login-module" type="loginModuleType" minOccurs="1" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="name" type="xs:string" use="required"/>
+ </xs:complexType>
+
+ <xs:complexType name="authModuleType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Authentication module configuration for JASPI.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="module-option" type="moduleOptionType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="code" type="xs:string" use="required"/>
+ <xs:attribute name="login-module-stack-ref" type="xs:string" use="optional"/>
+ </xs:complexType>
+
+ <xs:complexType name="policyModuleType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Authorization module configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="module-option" type="moduleOptionType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="code" type="xs:string" use="required"/>
+ <xs:attribute name="flag" type="module-option-flag" use="required"/>
+ </xs:complexType>
+
+ <xs:complexType name="aclModuleType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ ACL module configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="module-option" type="moduleOptionType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="code" type="xs:string" use="required"/>
+ <xs:attribute name="flag" type="module-option-flag" use="required"/>
+ </xs:complexType>
+
+ <xs:complexType name="mappingModuleType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Mapping module configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="module-option" type="moduleOptionType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="type" type="xs:string" use="optional"/>
+ <xs:attribute name="code" type="xs:string" use="required"/>
+ </xs:complexType>
+
+ <xs:complexType name="providerModuleType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Auudit module configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="module-option" type="moduleOptionType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="code" type="xs:string" use="required"/>
+ </xs:complexType>
+
+ <xs:complexType name="trustModuleType">
+ <xs:annotation>
+ <xs:documentation>
+ <![CDATA[
+ Identity trust module configuration.
+ ]]>
+ </xs:documentation>
+ </xs:annotation>
+ <xs:sequence>
+ <xs:element name="module-option" type="moduleOptionType" minOccurs="0" maxOccurs="unbounded"/>
+ </xs:sequence>
+ <xs:attribute name="code" type="xs:string" use="required"/>
+ <xs:attribute name="flag" type="module-option-flag" use="required"/>
+ </xs:complexType>
+
+</xs:schema>
More information about the jboss-cvs-commits
mailing list